View full version : Log for a check



Mrjraider
22 October 2011, 19:42
Hi,

I'm posting a HijackThis log here because I don't entirely trust things.
I'm posting this log because my mouse is acting strangely and Adobe Reader keeps starting up whenever I'm in Windows Explorer.

Many thanks in advance!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:42:34, on 22-10-2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal


Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Jeroen\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
D:\Downloads\HijackThis.exe


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.nl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.nl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit,
O1 - Hosts: ::1 localhost #[IPv6]
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Jeroen\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jeroen\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{5B51FAA0-DB8E-498B-B521-F7E3B0F79ED5}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{D156B3F5-4689-4118-ACF4-CD813BD24B56}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{E7FDDF49-E753-44F3-A991-FDBD0EF5FE8D}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BXGAXH - Unknown owner - C:\Users\Jeroen\AppData\Local\Temp\BXGAXH.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: GBRANOLLD - Unknown owner - C:\Users\Jeroen\AppData\Local\Temp\GBRANOLLD.exe (file missing)
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
O23 - Service: WTService - Unknown owner - C:\Windows\system32\atwtusb.exe


--
End of file - 9850 bytes

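Added example, not part of either post and not HijackThis' own logic: a small Python triage pass over the line types that most often carry malware in a log like the one above (O23 services, O4 Run keys, O20 AppInit_DLLs, the F2 UserInit chain and O17 NameServer entries). The severities and rules are this editor's heuristics; the sample lines are copied from the posted log, plus one constructed O4 entry that is marked as such.

```python
"""Triage of HijackThis (v2.x) log lines.

Added example, not part of the original thread and not HijackThis' own
logic: the rules below are this editor's heuristics for the autostart
entries that most often carry malware.  Sample lines are copied from
the log posted above, plus one constructed O4 line marked as such.
"""
import re
from dataclasses import dataclass

# Any Windows path ending in a loadable file; findall() returns every path
# on a line, which matters for F2 (UserInit) entries that chain programs.
PATH_RE = re.compile(r"[A-Za-z]:\\.+?\.(?:exe|dll|sys|cpl)\b", re.IGNORECASE)

# Directories a standard user can write to: code launched from here at
# logon or by a service did not come from a normal installer.
USER_WRITABLE = re.compile(
    r"\\(?:users\\[^\\]+\\appdata|programdata|windows\\temp)\\", re.IGNORECASE)


@dataclass
class Finding:
    severity: str   # "high", "medium" or "info"
    reason: str
    line: str


def triage(lines):
    """Return a Finding for every line that matches one of the rules."""
    findings = []
    for raw in lines:
        line = raw.strip()
        if " - " not in line:
            continue
        kind = line.split(" - ", 1)[0]          # O4, O17, O20, O23, F2, ...
        paths = PATH_RE.findall(line)
        writable = any(USER_WRITABLE.search(p) for p in paths)

        if kind == "O23":                        # services
            if "(file missing)" in line:
                findings.append(Finding("high",
                    "service points at a file that no longer exists", line))
            elif "Unknown owner" in line and writable:
                findings.append(Finding("high",
                    "service with no vendor info runs from a user-writable directory", line))
            elif any(p.lower().endswith(r"\srvany.exe") for p in paths):
                findings.append(Finding("medium",
                    "srvany.exe wraps an arbitrary program as a service; "
                    "check the service's Parameters\\Application value", line))
        elif kind == "O4" and writable:          # Run / RunOnce keys
            findings.append(Finding("medium",
                "logon autostart from a user-writable directory", line))
        elif kind == "O20" and "AppInit_DLLs:" in line and paths:
            findings.append(Finding("medium",
                "AppInit_DLLs is loaded into every process that loads user32.dll; "
                "confirm the DLL's vendor", line))
        elif kind == "F2" and "UserInit=" in line and len(paths) > 1:
            findings.append(Finding("medium",
                "extra program chained after userinit.exe at logon", line))
        elif kind == "O17":
            m = re.search(r"NameServer = ([\d.,]+)", line)
            if m:
                findings.append(Finding("info",
                    f"DNS resolvers {m.group(1)}; verify they are the ones you configured", line))
    return findings


def summarize(findings):
    """Count findings per severity."""
    counts = {}
    for f in findings:
        counts[f.severity] = counts.get(f.severity, 0) + 1
    return counts


# Lines taken verbatim from the HijackThis log posted above ...
SAMPLE = [
    r"F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit,",
    r'O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui',
    r"O17 - HKLM\System\CCS\Services\Tcpip\..\{5B51FAA0-DB8E-498B-B521-F7E3B0F79ED5}: NameServer = 8.26.56.26,156.154.70.22",
    r"O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll",
    r"O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe",
    r"O23 - Service: BXGAXH - Unknown owner - C:\Users\Jeroen\AppData\Local\Temp\BXGAXH.exe (file missing)",
    r"O23 - Service: GBRANOLLD - Unknown owner - C:\Users\Jeroen\AppData\Local\Temp\GBRANOLLD.exe (file missing)",
    r"O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe",
    r"O23 - Service: WTService - Unknown owner - C:\Windows\system32\atwtusb.exe",
    # ... plus one constructed line (not from the log) to exercise the O4 rule:
    r"O4 - HKCU\..\Run: [Updater] C:\Users\Jeroen\AppData\Roaming\updater.exe",
]

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f"[{f.severity:6}] {f.reason}\n         {f.line}")
    print(summarize(triage(SAMPLE)))
```

On the posted lines the two services pointing at deleted executables in the user's Temp directory and the srvany.exe wrapper are what come out on top; entries under Program Files with a known vendor are left alone, and the O17 resolvers are reported only so the owner can confirm they chose them.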
Juisterr
24 October 2011, 12:50
Download ComboFix from one of these locations:

Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.infospyware.net/antimalware/combofix/)

* IMPORTANT !!! Save ComboFix.exe to your Desktop.
>>Here<< (http://www.bleepingcomputer.com/combofix/nl/hoe-dient-combofix-gebruikt-te-worden) you can read how to use ComboFix.
http://www.imgdumper.nl/uploads4/4de6eab686b90/4de6eab6867f3-Combofix.JPG

1. Disable all antivirus and antispyware programs, otherwise they may conflict with ComboFix.

* (here (http://www.bleepingcomputer.com/forums/topic114351.html) or here (http://www.techsupportforum.com/security-center/virus-trojan-spyware-help/490111-how-disable-your-security-applications.html) you will find a guide on how to disable them:)

2. The computer may need to be restarted several times; this is normal.
3. Double-click "Combofix.exe" to start the tool.
4. Do not click in the ComboFix window while it is running, as this can cause the tool to hang.

* Note !!! If an error appears with the message "Illegal operation attempted on a registry key that has been marked for deletion.", restart the computer.

5. When ComboFix is finished, it will create a log file for you. Post the contents of this log file (found at C:\ComboFix.txt) in your next reply.

Mrjraider
24 October 2011, 16:09
ComboFix 11-10-24.02 - Jeroen 24-10-2011 15:45:49.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.2937.1819 [GMT 2:00]
Running from: d:\downloads\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
FW: COMODO Firewall *Disabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: COMODO Defense+ *Disabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
(((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\BReWErS.dll
.
.
(((((((((((((((((((( Files Created from 2011-09-24 to 2011-10-24 ))))))))))))))))))))))))))))))
.
.
2011-10-24 13:58 . 2011-10-24 13:58 -------- d-----w- c:\users\Jeroen\AppData\Local\temp
2011-10-24 13:58 . 2011-10-24 13:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-24 12:45 . 2011-10-24 12:45 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{43C7FCFD-E8DF-4E60-BB88-9CA56EFA9CED}\offreg.dll
2011-10-23 18:11 . 2011-10-23 18:12 -------- d-----w- c:\users\Jeroen\AppData\Local\PAYDAY
2011-10-23 18:11 . 2011-10-23 18:11 -------- d-----w- c:\programdata\RELOADED
2011-10-23 18:07 . 2011-10-23 18:11 -------- d-----w- c:\program files\Payday The Heist
2011-10-21 12:07 . 2011-10-07 03:48 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{43C7FCFD-E8DF-4E60-BB88-9CA56EFA9CED}\mpengine.dll
2011-10-20 17:22 . 2011-10-20 17:22 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2011-10-20 17:21 . 2011-10-20 17:21 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2011-10-20 17:21 . 2011-10-20 17:21 -------- d-----w- c:\windows\system32\AGEIA
2011-10-20 17:21 . 2011-10-20 17:21 -------- d-----w- c:\program files\AGEIA Technologies
2011-10-20 17:21 . 2011-10-20 17:21 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2011-10-20 17:18 . 2011-10-20 19:12 -------- d-----w- c:\users\Jeroen\AppData\Roaming\Prison Break
2011-10-20 17:12 . 2011-10-20 17:12 -------- d-----w- c:\program files\Deep Silver
2011-10-20 11:36 . 2011-10-20 11:36 -------- d-----w- c:\program files\Rockstar Games
2011-10-20 09:42 . 2011-10-20 09:42 -------- d-----w- c:\program files\Common Files\Java
2011-10-18 21:00 . 2011-10-18 21:00 -------- d-----w- c:\windows\Downloaded Installations
2011-10-18 12:57 . 2011-10-18 12:57 -------- d-----w- c:\users\Jeroen\AppData\Roaming\Corel
2011-10-18 12:57 . 2011-10-18 13:00 -------- d-----w- c:\users\Jeroen\AppData\Roaming\Ulead Systems
2011-10-18 12:56 . 2011-10-18 12:56 -------- d-----w- c:\programdata\eSellerate
2011-10-18 12:56 . 2011-10-18 12:56 -------- d-----w- c:\program files\SmartSound Software
2011-10-18 12:55 . 2011-10-18 12:56 -------- d-----w- c:\programdata\SmartSound Software Inc
2011-10-18 12:55 . 2011-10-18 12:55 -------- d--h--w- c:\windows\msdownld.tmp
2011-10-18 12:54 . 2011-10-18 12:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2011-10-18 12:54 . 2011-10-18 12:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2011-10-18 12:54 . 2011-10-18 12:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2011-10-18 12:54 . 2011-10-18 12:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2011-10-18 12:54 . 2011-10-18 12:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2011-10-18 12:54 . 2011-10-18 12:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2011-10-18 12:54 . 2011-10-18 12:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2011-10-18 12:54 . 2011-10-18 12:54 -------- d-----w- c:\program files\Common Files\Apple
2011-10-18 12:54 . 2011-10-18 12:54 -------- d-----w- c:\program files\QuickTime
2011-10-18 12:54 . 2011-10-18 12:54 -------- d-----w- c:\programdata\Apple Computer
2011-10-18 12:54 . 2011-10-18 12:54 -------- d-----w- c:\programdata\InterVideo
2011-10-18 12:53 . 2011-10-18 12:53 -------- d-----w- c:\programdata\Corel
2011-10-18 12:51 . 2011-10-18 12:51 -------- d-----w- c:\programdata\Ulead Systems
2011-10-18 12:48 . 2011-10-18 12:48 -------- d-----w- c:\program files\Common Files\Protexis
2011-10-18 12:48 . 2011-10-18 12:48 -------- d-----w- c:\program files\Common Files\Corel
2011-10-18 12:47 . 2011-10-18 12:47 -------- d-----w- c:\program files\Common Files\Ulead Systems
2011-10-18 12:47 . 2011-10-18 12:47 -------- d-----w- c:\program files\Windows Media Components
2011-10-18 12:46 . 2011-10-18 12:46 -------- d-----w- c:\program files\Corel
2011-10-16 19:49 . 2011-10-14 14:37 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2011-10-16 19:49 . 2011-10-14 14:37 21312 ----a-w- c:\windows\system32\authuitu.dll
2011-10-16 19:49 . 2011-10-16 19:49 -------- d-----w- c:\program files\TuneUp Utilities 2012
2011-10-16 19:46 . 2011-10-16 19:46 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2011-10-16 18:33 . 2011-10-16 18:33 -------- d-----w- c:\program files\SpywareBlaster
2011-10-16 10:59 . 2011-10-16 10:59 -------- d-----w- c:\users\Jeroen\AppData\Roaming\gtk-2.0
2011-10-16 10:59 . 2011-10-16 10:59 -------- d-----w- c:\users\Jeroen\.thumbnails
2011-10-14 20:28 . 2011-10-14 20:28 -------- d-----w- c:\program files\Team17
2011-10-13 18:38 . 2011-10-13 18:38 -------- d-----w- c:\users\Jeroen\AppData\Local\Stardock
2011-10-13 17:39 . 2011-10-13 18:33 -------- d-----w- c:\users\Jeroen\AppData\Local\VMware
2011-10-13 17:39 . 2011-10-13 18:31 -------- d-----w- c:\users\Jeroen\AppData\Roaming\VMware
2011-10-13 17:29 . 2011-08-22 15:07 354416 ----a-w- c:\windows\system32\vmnetdhcp.exe
2011-10-13 17:29 . 2011-08-22 15:06 432752 ----a-w- c:\windows\system32\vmnat.exe
2011-10-13 17:29 . 2011-08-22 15:06 25712 ----a-w- c:\windows\system32\drivers\vmnetuserif.sys
2011-10-13 17:29 . 2011-08-22 15:07 783472 ----a-w- c:\windows\system32\vnetlib.dll
2011-10-13 17:27 . 2011-10-14 06:13 -------- d-----w- c:\programdata\VMware
2011-10-13 17:27 . 2011-10-13 18:32 -------- d-----w- c:\program files\VMware
2011-10-13 17:27 . 2011-10-13 17:27 -------- d-----w- c:\program files\Common Files\VMware
2011-10-13 10:26 . 2011-10-13 10:26 -------- d-----w- c:\users\Jeroen\AppData\Local\BoH
2011-10-12 16:12 . 2011-10-12 16:43 -------- d-----w- c:\program files\COMODO
2011-10-12 16:12 . 2011-10-12 16:12 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2011-10-12 13:54 . 2011-08-27 04:26 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-12 13:54 . 2011-08-27 04:26 233472 ----a-w- c:\windows\system32\oleacc.dll
2011-10-12 13:54 . 2011-08-17 04:24 465408 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-12 13:54 . 2011-08-17 04:19 75776 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-12 13:54 . 2011-09-06 02:28 2334720 ----a-w- c:\windows\system32\win32k.sys
2011-10-07 16:47 . 2011-10-07 16:47 82400 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-10-07 16:47 . 2011-10-07 16:47 39640 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-10-07 16:47 . 2011-10-07 16:47 488208 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-10-07 16:47 . 2011-10-07 16:47 19600 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-10-07 16:47 . 2011-10-07 16:47 33984 ----a-w- c:\windows\system32\cmdcsr.dll
2011-10-07 16:47 . 2011-10-07 16:47 300200 ----a-w- c:\windows\system32\guard32.dll
2011-10-05 13:12 . 2011-10-05 13:12 -------- d-----w- c:\users\Jeroen\AppData\Roaming\Synaptics
2011-10-04 19:30 . 2011-10-04 19:30 -------- d-----w- c:\programdata\Synaptics
2011-10-04 19:28 . 2011-01-07 01:52 144680 ----a-w- c:\windows\system32\SynGlwPadShlExt.dll
2011-10-04 19:28 . 2011-01-07 01:51 120104 ----a-w- c:\windows\system32\SynTPCo6.dll
2011-10-02 18:45 . 2011-10-02 18:45 -------- d-----w- c:\programdata\Nexon
2011-10-02 18:00 . 2011-10-02 18:00 235 ----a-w- c:\windows\system32\nxEuUninstall.bat
2011-10-02 18:00 . 2011-10-02 18:00 446464 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe
2011-10-02 13:01 . 2011-10-02 13:01 -------- d-----w- c:\users\Jeroen\AppData\Roaming\MotioninJoy
2011-10-02 13:01 . 2009-09-11 10:47 255496 ----a-w- c:\windows\system32\MijFrc.dll
2011-10-02 13:01 . 2011-10-02 13:01 -------- d-----w- c:\program files\MotioninJoy
2011-10-01 19:18 . 2011-10-01 19:18 -------- d-----w- c:\users\Jeroen\AppData\Local\Mozilla
2011-10-01 18:38 . 2011-10-01 18:38 -------- d-----w- c:\users\Jeroen\AppData\Local\Browser Guard
2011-09-30 18:53 . 2011-10-01 14:25 -------- d-----w- c:\program files\Lavalys
2011-09-29 15:55 . 2011-10-21 12:02 -------- d-----w- c:\program files\uTorrent
2011-09-29 15:54 . 2011-10-23 18:17 -------- d-----w- c:\users\Jeroen\AppData\Roaming\uTorrent
2011-09-29 15:54 . 2011-09-29 15:54 -------- d-----w- c:\users\Jeroen\AppData\Local\uTorrent
2011-09-26 16:22 . 2011-10-03 20:22 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-09-26 16:21 . 2011-09-26 16:21 -------- d-----w- c:\programdata\Hitman Pro
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-20 09:40 . 2011-06-20 17:46 544656 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-18 19:10 . 2011-06-28 05:38 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-22 18:35 . 2011-06-23 20:40 164880 ---ha-w- c:\users\Jeroen\AppData\Roaming\Microsoft\Virtual PC\VPCKeyboard.dll
2011-09-15 06:40 . 2011-09-15 06:40 229224 ----a-w- c:\windows\system32\drivers\VMM.sys
2011-09-06 20:45 . 2011-09-22 20:10 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:45 . 2011-09-22 20:10 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-06 20:38 . 2011-09-22 20:11 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:37 . 2011-09-22 20:11 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:36 . 2011-09-22 20:11 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2011-09-22 20:11 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2011-09-22 20:11 54616 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-09-06 20:36 . 2011-09-22 20:11 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-08-23 17:33 . 2011-08-23 17:33 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-08-22 15:07 . 2011-08-22 15:07 55280 ----a-w- c:\windows\system32\drivers\vmx86.sys
2011-08-22 13:40 . 2011-08-22 13:40 252016 ----a-w- c:\windows\system32\vmnc.dll
2011-08-22 13:12 . 2011-08-22 13:12 55408 ----a-w- c:\windows\system32\vmnetbridge.dll
2011-08-22 13:12 . 2011-08-22 13:12 49776 ----a-w- c:\windows\system32\vnetinst.dll
2011-08-22 13:12 . 2011-08-22 13:12 36464 ----a-w- c:\windows\system32\drivers\vmnetbridge.sys
2011-08-22 13:12 . 2011-08-22 13:12 19568 ----a-w- c:\windows\system32\drivers\vmnet.sys
2011-08-22 13:12 . 2011-08-22 13:12 16624 ----a-w- c:\windows\system32\drivers\vmnetadapter.sys
2011-08-21 21:11 . 2011-08-21 21:11 32496 ----a-w- c:\windows\system32\drivers\hcmon.sys
2011-08-20 10:26 . 2011-08-20 10:26 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2011-08-20 10:26 . 2011-08-20 10:26 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-08-17 19:14 . 2011-08-17 19:14 195424 ----a-w- c:\windows\system32\drivers\windrvr6.sys
2011-08-10 18:45 . 2011-07-14 19:45 752128 ----a-w- c:\windows\system32\drivers\tdrpm273.sys
2011-08-10 18:45 . 2011-08-10 18:45 600928 ----a-w- c:\windows\system32\drivers\timntr.sys
2011-08-08 12:58 . 2011-08-08 12:58 98928 ----a-w- c:\windows\system32\drivers\vmci.sys
2011-08-08 12:58 . 2011-08-08 12:58 63088 ----a-w- c:\windows\system32\vsocklib.dll
2011-08-05 20:18 . 2010-11-20 21:29 2755072 ----a-w- c:\windows\system32\themeui.dll
2011-08-05 20:18 . 2009-07-13 23:39 37376 ----a-w- c:\windows\system32\themeservice.dll
2011-08-05 20:18 . 2009-07-13 23:40 249856 ----a-w- c:\windows\system32\uxtheme.dll
2011-09-23 05:02 . 2011-10-01 19:18 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [2009-07-14 354304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2010-09-16 6265376]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-14 1541416]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"PlusService"="c:\program files\Yuna Software\Messenger Plus!\PlusService.exe" [2011-09-20 801792]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-10-20 2497352]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
"EnableLUA"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSimpleNetlDList"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\acrord32.exe]
"Debugger"="c:\program files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\soluto.exe]
"Debugger"="c:\program files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\switchboard.exe]
"Debugger"="c:\program files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\chromium]
2011-09-30 15:12 1030200 ----a-w- c:\users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-06-20 18:40 136176 ----atw- c:\users\Jeroen\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hercules DJ Series]
2009-10-23 12:15 509224 ----a-w- c:\program files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RESTART_STICKY_NOTES]
2009-07-14 01:14 354304 ------w- c:\windows\System32\StikyNot.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]
2007-02-20 09:07 199752 ------w- c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Lite"=c:\program files\DAEMON Tools Lite\DTLite.exe -autorun
"Google Update"="c:\users\Jeroen\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"SoftAuto.exe"="c:\program files\Creative\Software Update 3\SoftAuto.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
"PlusService"=c:\program files\Yuna Software\Messenger Plus!\PlusService.exe
"Cm106Sound"=RunDll32 cm106.cpl,CMICtrlWnd
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [2011-06-26 51144]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-06-20 135664]
R2 KMService;KMService;c:\windows\system32\srvany.exe [2003-04-18 8192]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\SITEAD~1\mcsacore.exe [2011-08-10 94880]
R3 bmdrvr;Modified Clusters Tracking Driver;c:\windows\system32\drivers\bmdrvr.sys [2011-03-14 54384]
R3 Bulk;HDJBulk;c:\windows\system32\Drivers\HDJBulk.sys [2009-10-02 127488]
R3 BXGAXH;BXGAXH;c:\users\Jeroen\AppData\Local\Temp\BXGAXH.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 GBRANOLLD;GBRANOLLD;c:\users\Jeroen\AppData\Local\Temp\GBRANOLLD.exe [x]
R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-06-20 135664]
R3 HDJMidi;DJ Control MP3 e2 MIDI;c:\windows\system32\DRIVERS\HDJMidi.sys [2009-10-02 124416]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM106.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-07-15 101680]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R4 CTUPnPSv;Creative Centrale Media Server;c:\program files\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
R4 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
R4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R4 HerculesDJControlMP3;Hercules DJ Control MP3;c:\program files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE [2007-11-21 17408]
R4 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R4 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R4 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2011-06-26 376352]
R4 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R4 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-08-21 665200]
R4 vmware-converter-agent;VMware vCenter Converter Standalone Agent;c:\program files\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [2011-08-19 423536]
R4 vmware-converter-server;VMware vCenter Converter Standalone Server;c:\program files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [2011-08-19 423536]
R4 vmware-converter-worker;VMware vCenter Converter Standalone Worker;c:\program files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [2011-08-19 423536]
R4 VMwareHostd;VMware Workstation Server;c:\program files\VMware\VMware Workstation\vmware-hostd.exe [2011-08-22 11837440]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [2011-08-08 98928]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2011-10-07 488208]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2011-10-07 39640]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-07-15 154416]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-07-15 33072]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-09-06 54616]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2011-10-14 1479488]
S2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared);c:\windows\system32\drivers\vstor2-mntapi10-shared.sys [2011-07-12 22768]
S2 WTService;WTService;c:\windows\system32\atwtusb.exe [2010-06-15 861696]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-08-18 119408]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [2011-10-13 10064]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-07-15 113456]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
Inhoud van de 'Gedeelde Taken' map
.
2011-10-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-20 18:19]
.
2011-10-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-20 18:19]
.
2011-10-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-151463788-573965916-3573126854-1000Core.job
- c:\users\Jeroen\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-10 18:40]
.
2011-10-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-151463788-573965916-3573126854-1000UA.job
- c:\users\Jeroen\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-10 18:40]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
IE: &Verzenden naar OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Jeroen\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Jeroen\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
LSP: %SystemRoot%\system32\vsocklib.dll
TCP: DhcpNameServer = 62.179.104.196 213.46.228.196
TCP: Interfaces\{5B51FAA0-DB8E-498B-B521-F7E3B0F79ED5}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{D156B3F5-4689-4118-ACF4-CD813BD24B56}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{E7FDDF49-E753-44F3-A991-FDBD0EF5FE8D}: NameServer = 8.26.56.26,156.154.70.22
FF - ProfilePath - c:\users\Jeroen\AppData\Roaming\Mozilla\Firefox\Profiles\nlw77dd1.default\
FF - prefs.js: browser.startup.homepage - www.google.nl
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
MSConfigStartUp-KPeerNexonEU - c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-151463788-573965916-3573126854-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:cb,ef,60,d0,3d,d4,9b,98,70,49,1d,5b,80,ee,33,6d,0e,b2,f5,31,5e,2a,5a,
e0,e7,33,be,b0,83,a0,14,6c,9a,cd,f9,7b,d9,be,4e,c2,09,2d,06,7b,e9,48,32,ca,\
"??"=hex:3e,fb,96,fd,13,1d,90,34,40,64,93,e4,41,6b,9e,a3
.
[HKEY_USERS\S-1-5-21-151463788-573965916-3573126854-1000\Software\SecuROM\License information*]
"datasecu"=hex:61,90,13,91,75,c3,82,46,da,51,42,8b,73,05,55,30,bb,d8,a6,47,d2,
ac,95,50,1d,43,67,c3,b7,cb,a7,78,3a,d8,ac,24,fa,f1,29,93,4f,9d,f0,99,12,55,\
"rkeysecu"=hex:21,32,67,fb,51,0a,e3,c2,95,b8,a6,4a,ca,f7,96,b2
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'winlogon.exe'(760)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'lsass.exe'(692)
c:\windows\system32\guard32.dll
.
Voltooingstijd: 2011-10-24 16:08:03
ComboFix-quarantined-files.txt 2011-10-24 14:08
.
Pre-Run: 50.111.541.248 bytes beschikbaar
Post-Run: 49.886.126.080 bytes beschikbaar
.
- - End Of File - - 393D5DF4E0013B300F76FDE45BF9759C

Mrjraider
24 October 2011, 20:56
Just a quick remark in between: the folders that are normally hidden (programdata etc.) are simply visible as normal folders, so to speak. Is that supposed to happen? I've set them back to hidden myself.

Juisterr
25 October 2011, 12:45
Just to nag a bit,

Gestart vanuit: d:\downloads\ComboFix.exe

ComboFix needs to be on the desktop and must not be started from downloads.
Please move it.

Mrjraider
25 October 2011, 18:43
ComboFix 11-10-24.02 - Jeroen 25-10-2011 18:26:47.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.2937.1841 [GMT 2:00]
Gestart vanuit: c:\users\Jeroen\Desktop\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
FW: COMODO Firewall *Disabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: COMODO Defense+ *Disabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2011-09-25 to 2011-10-25 ))))))))))))))))))))))))))))))
.
.
2011-10-25 16:36 . 2011-10-25 16:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-25 16:21 . 2011-10-25 16:21 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{19E50CC5-053E-44E9-9CD0-266763DF15DE}\offreg.dll
2011-10-25 08:23 . 2011-10-07 03:48 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{19E50CC5-053E-44E9-9CD0-266763DF15DE}\mpengine.dll
2011-10-24 14:08 . 2011-10-25 16:36 -------- d-----w- c:\users\Jeroen\AppData\Local\temp
2011-10-23 18:11 . 2011-10-23 18:12 -------- d-----w- c:\users\Jeroen\AppData\Local\PAYDAY
2011-10-23 18:11 . 2011-10-23 18:11 -------- d--h--w- c:\programdata\RELOADED
2011-10-20 17:22 . 2011-10-20 17:22 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2011-10-20 17:21 . 2011-10-20 17:21 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2011-10-20 17:21 . 2011-10-20 17:21 -------- d-----w- c:\windows\system32\AGEIA
2011-10-20 17:21 . 2011-10-20 17:21 -------- d-----w- c:\program files\AGEIA Technologies
2011-10-20 17:21 . 2011-10-20 17:21 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2011-10-20 17:18 . 2011-10-20 19:12 -------- d-----w- c:\users\Jeroen\AppData\Roaming\Prison Break
2011-10-20 17:12 . 2011-10-20 17:12 -------- d-----w- c:\program files\Deep Silver
2011-10-20 11:36 . 2011-10-20 11:36 -------- d-----w- c:\program files\Rockstar Games
2011-10-20 09:42 . 2011-10-20 09:42 -------- d-----w- c:\program files\Common Files\Java
2011-10-18 21:00 . 2011-10-18 21:00 -------- d-----w- c:\windows\Downloaded Installations
2011-10-18 12:57 . 2011-10-18 12:57 -------- d-----w- c:\users\Jeroen\AppData\Roaming\Corel
2011-10-18 12:57 . 2011-10-18 13:00 -------- d-----w- c:\users\Jeroen\AppData\Roaming\Ulead Systems
2011-10-18 12:56 . 2011-10-18 12:56 -------- d--h--w- c:\programdata\eSellerate
2011-10-18 12:56 . 2011-10-18 12:56 -------- d-----w- c:\program files\SmartSound Software
2011-10-18 12:55 . 2011-10-18 12:56 -------- d--h--w- c:\programdata\SmartSound Software Inc
2011-10-18 12:55 . 2011-10-18 12:55 -------- d--h--w- c:\windows\msdownld.tmp
2011-10-18 12:54 . 2011-10-18 12:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2011-10-18 12:54 . 2011-10-18 12:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2011-10-18 12:54 . 2011-10-18 12:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2011-10-18 12:54 . 2011-10-18 12:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2011-10-18 12:54 . 2011-10-18 12:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2011-10-18 12:54 . 2011-10-18 12:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2011-10-18 12:54 . 2011-10-18 12:54 143360 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2011-10-18 12:54 . 2011-10-18 12:54 -------- d-----w- c:\program files\Common Files\Apple
2011-10-18 12:54 . 2011-10-18 12:54 -------- d-----w- c:\program files\QuickTime
2011-10-18 12:54 . 2011-10-18 12:54 -------- d--h--w- c:\programdata\Apple Computer
2011-10-18 12:54 . 2011-10-18 12:54 -------- d--h--w- c:\programdata\InterVideo
2011-10-18 12:53 . 2011-10-18 12:53 -------- d--h--w- c:\programdata\Corel
2011-10-18 12:51 . 2011-10-18 12:51 -------- d--h--w- c:\programdata\Ulead Systems
2011-10-18 12:48 . 2011-10-18 12:48 -------- d-----w- c:\program files\Common Files\Protexis
2011-10-18 12:48 . 2011-10-18 12:48 -------- d-----w- c:\program files\Common Files\Corel
2011-10-18 12:47 . 2011-10-18 12:47 -------- d-----w- c:\program files\Common Files\Ulead Systems
2011-10-18 12:47 . 2011-10-18 12:47 -------- d-----w- c:\program files\Windows Media Components
2011-10-18 12:46 . 2011-10-18 12:46 -------- d-----w- c:\program files\Corel
2011-10-16 19:49 . 2011-10-14 14:37 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2011-10-16 19:49 . 2011-10-14 14:37 21312 ----a-w- c:\windows\system32\authuitu.dll
2011-10-16 19:49 . 2011-10-16 19:49 -------- d-----w- c:\program files\TuneUp Utilities 2012
2011-10-16 19:46 . 2011-10-16 19:46 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2011-10-16 18:33 . 2011-10-16 18:33 -------- d-----w- c:\program files\SpywareBlaster
2011-10-16 10:59 . 2011-10-16 10:59 -------- d-----w- c:\users\Jeroen\AppData\Roaming\gtk-2.0
2011-10-16 10:59 . 2011-10-16 10:59 -------- d-----w- c:\users\Jeroen\.thumbnails
2011-10-14 20:28 . 2011-10-14 20:28 -------- d-----w- c:\program files\Team17
2011-10-13 18:38 . 2011-10-13 18:38 -------- d-----w- c:\users\Jeroen\AppData\Local\Stardock
2011-10-13 17:39 . 2011-10-13 18:33 -------- d-----w- c:\users\Jeroen\AppData\Local\VMware
2011-10-13 17:39 . 2011-10-13 18:31 -------- d-----w- c:\users\Jeroen\AppData\Roaming\VMware
2011-10-13 17:29 . 2011-08-22 15:07 354416 ----a-w- c:\windows\system32\vmnetdhcp.exe
2011-10-13 17:29 . 2011-08-22 15:06 432752 ----a-w- c:\windows\system32\vmnat.exe
2011-10-13 17:29 . 2011-08-22 15:06 25712 ----a-w- c:\windows\system32\drivers\vmnetuserif.sys
2011-10-13 17:29 . 2011-08-22 15:07 783472 ----a-w- c:\windows\system32\vnetlib.dll
2011-10-13 17:27 . 2011-10-14 06:13 -------- d--h--w- c:\programdata\VMware
2011-10-13 17:27 . 2011-10-13 18:32 -------- d-----w- c:\program files\VMware
2011-10-13 17:27 . 2011-10-13 17:27 -------- d-----w- c:\program files\Common Files\VMware
2011-10-13 10:26 . 2011-10-13 10:26 -------- d-----w- c:\users\Jeroen\AppData\Local\BoH
2011-10-12 16:12 . 2011-10-12 16:43 -------- d-----w- c:\program files\COMODO
2011-10-12 16:12 . 2011-10-12 16:12 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2011-10-12 13:54 . 2011-08-27 04:26 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-10-12 13:54 . 2011-08-27 04:26 233472 ----a-w- c:\windows\system32\oleacc.dll
2011-10-12 13:54 . 2011-08-17 04:24 465408 ----a-w- c:\windows\system32\psisdecd.dll
2011-10-12 13:54 . 2011-08-17 04:19 75776 ----a-w- c:\windows\system32\psisrndr.ax
2011-10-12 13:54 . 2011-09-06 02:28 2334720 ----a-w- c:\windows\system32\win32k.sys
2011-10-07 16:47 . 2011-10-07 16:47 82400 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-10-07 16:47 . 2011-10-07 16:47 39640 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-10-07 16:47 . 2011-10-07 16:47 488208 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-10-07 16:47 . 2011-10-07 16:47 19600 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-10-07 16:47 . 2011-10-07 16:47 33984 ----a-w- c:\windows\system32\cmdcsr.dll
2011-10-07 16:47 . 2011-10-07 16:47 300200 ----a-w- c:\windows\system32\guard32.dll
2011-10-05 13:12 . 2011-10-05 13:12 -------- d-----w- c:\users\Jeroen\AppData\Roaming\Synaptics
2011-10-04 19:30 . 2011-10-04 19:30 -------- d--h--w- c:\programdata\Synaptics
2011-10-04 19:28 . 2011-01-07 01:52 144680 ----a-w- c:\windows\system32\SynGlwPadShlExt.dll
2011-10-04 19:28 . 2011-01-07 01:51 120104 ----a-w- c:\windows\system32\SynTPCo6.dll
2011-10-02 18:45 . 2011-10-02 18:45 -------- d--h--w- c:\programdata\Nexon
2011-10-02 18:00 . 2011-10-02 18:00 235 ----a-w- c:\windows\system32\nxEuUninstall.bat
2011-10-02 18:00 . 2011-10-02 18:00 446464 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe
2011-10-02 13:01 . 2011-10-02 13:01 -------- d-----w- c:\users\Jeroen\AppData\Roaming\MotioninJoy
2011-10-02 13:01 . 2009-09-11 10:47 255496 ----a-w- c:\windows\system32\MijFrc.dll
2011-10-02 13:01 . 2011-10-02 13:01 -------- d-----w- c:\program files\MotioninJoy
2011-10-01 19:18 . 2011-10-01 19:18 -------- d-----w- c:\users\Jeroen\AppData\Local\Mozilla
2011-10-01 18:38 . 2011-10-01 18:38 -------- d-----w- c:\users\Jeroen\AppData\Local\Browser Guard
2011-09-30 18:53 . 2011-10-01 14:25 -------- d-----w- c:\program files\Lavalys
2011-09-29 15:55 . 2011-10-21 12:02 -------- d-----w- c:\program files\uTorrent
2011-09-29 15:54 . 2011-10-23 18:17 -------- d-----w- c:\users\Jeroen\AppData\Roaming\uTorrent
2011-09-29 15:54 . 2011-09-29 15:54 -------- d-----w- c:\users\Jeroen\AppData\Local\uTorrent
2011-09-26 16:22 . 2011-10-03 20:22 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2011-09-26 16:21 . 2011-09-26 16:21 -------- d--h--w- c:\programdata\Hitman Pro
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-20 09:40 . 2011-06-20 17:46 544656 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-18 19:10 . 2011-06-28 05:38 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-22 18:35 . 2011-06-23 20:40 164880 ---ha-w- c:\users\Jeroen\AppData\Roaming\Microsoft\Virtual PC\VPCKeyboard.dll
2011-09-15 06:40 . 2011-09-15 06:40 229224 ----a-w- c:\windows\system32\drivers\VMM.sys
2011-09-06 20:45 . 2011-09-22 20:10 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:45 . 2011-09-22 20:10 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-06 20:38 . 2011-09-22 20:11 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:37 . 2011-09-22 20:11 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:36 . 2011-09-22 20:11 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2011-09-22 20:11 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2011-09-22 20:11 54616 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-09-06 20:36 . 2011-09-22 20:11 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-08-23 17:33 . 2011-08-23 17:33 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-08-22 15:07 . 2011-08-22 15:07 55280 ----a-w- c:\windows\system32\drivers\vmx86.sys
2011-08-22 13:40 . 2011-08-22 13:40 252016 ----a-w- c:\windows\system32\vmnc.dll
2011-08-22 13:12 . 2011-08-22 13:12 55408 ----a-w- c:\windows\system32\vmnetbridge.dll
2011-08-22 13:12 . 2011-08-22 13:12 49776 ----a-w- c:\windows\system32\vnetinst.dll
2011-08-22 13:12 . 2011-08-22 13:12 36464 ----a-w- c:\windows\system32\drivers\vmnetbridge.sys
2011-08-22 13:12 . 2011-08-22 13:12 19568 ----a-w- c:\windows\system32\drivers\vmnet.sys
2011-08-22 13:12 . 2011-08-22 13:12 16624 ----a-w- c:\windows\system32\drivers\vmnetadapter.sys
2011-08-21 21:11 . 2011-08-21 21:11 32496 ----a-w- c:\windows\system32\drivers\hcmon.sys
2011-08-20 10:26 . 2011-08-20 10:26 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2011-08-20 10:26 . 2011-08-20 10:26 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-08-17 19:14 . 2011-08-17 19:14 195424 ----a-w- c:\windows\system32\drivers\windrvr6.sys
2011-08-10 18:45 . 2011-07-14 19:45 752128 ----a-w- c:\windows\system32\drivers\tdrpm273.sys
2011-08-10 18:45 . 2011-08-10 18:45 600928 ----a-w- c:\windows\system32\drivers\timntr.sys
2011-08-08 12:58 . 2011-08-08 12:58 98928 ----a-w- c:\windows\system32\drivers\vmci.sys
2011-08-08 12:58 . 2011-08-08 12:58 63088 ----a-w- c:\windows\system32\vsocklib.dll
2011-08-05 20:18 . 2010-11-20 21:29 2755072 ----a-w- c:\windows\system32\themeui.dll
2011-08-05 20:18 . 2009-07-13 23:39 37376 ----a-w- c:\windows\system32\themeservice.dll
2011-08-05 20:18 . 2009-07-13 23:40 249856 ----a-w- c:\windows\system32\uxtheme.dll
2011-09-23 05:02 . 2011-10-01 19:18 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"RESTART_STICKY_NOTES"="c:\windows\System32\StikyNot.exe" [2009-07-14 354304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2010-09-16 6265376]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-14 1541416]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"PlusService"="c:\program files\Yuna Software\Messenger Plus!\PlusService.exe" [2011-09-20 801792]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-10-20 2497352]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
"EnableLUA"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSimpleNetlDList"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\chromium]
2011-09-30 15:12 1030200 ----a-w- c:\users\Jeroen\AppData\Local\Google\Chrome\Application\chrome.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-06-20 18:40 136176 ----atw- c:\users\Jeroen\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hercules DJ Series]
2009-10-23 12:15 509224 ----a-w- c:\program files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RESTART_STICKY_NOTES]
2009-07-14 01:14 354304 ------w- c:\windows\System32\StikyNot.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]
2007-02-20 09:07 199752 ------w- c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Lite"=c:\program files\DAEMON Tools Lite\DTLite.exe -autorun
"Google Update"="c:\users\Jeroen\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"SoftAuto.exe"="c:\program files\Creative\Software Update 3\SoftAuto.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
"PlusService"=c:\program files\Yuna Software\Messenger Plus!\PlusService.exe
"Cm106Sound"=RunDll32 cm106.cpl,CMICtrlWnd
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-06-20 135664]
R2 KMService;KMService;c:\windows\system32\srvany.exe [2003-04-18 8192]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\SITEAD~1\mcsacore.exe [2011-08-10 94880]
R3 bmdrvr;Modified Clusters Tracking Driver;c:\windows\system32\drivers\bmdrvr.sys [2011-03-14 54384]
R3 Bulk;HDJBulk;c:\windows\system32\Drivers\HDJBulk.sys [2009-10-02 127488]
R3 BXGAXH;BXGAXH;c:\users\Jeroen\AppData\Local\Temp\BXGAXH.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 GBRANOLLD;GBRANOLLD;c:\users\Jeroen\AppData\Local\Temp\GBRANOLLD.exe [x]
R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-06-20 135664]
R3 HDJMidi;DJ Control MP3 e2 MIDI;c:\windows\system32\DRIVERS\HDJMidi.sys [2009-10-02 124416]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM106.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-07-15 101680]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R4 CTUPnPSv;Creative Centrale Media Server;c:\program files\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
R4 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
R4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R4 HerculesDJControlMP3;Hercules DJ Control MP3;c:\program files\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE [2007-11-21 17408]
R4 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R4 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R4 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2011-06-26 376352]
R4 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R4 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-08-21 665200]
R4 vmware-converter-agent;VMware vCenter Converter Standalone Agent;c:\program files\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [2011-08-19 423536]
R4 vmware-converter-server;VMware vCenter Converter Standalone Server;c:\program files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [2011-08-19 423536]
R4 vmware-converter-worker;VMware vCenter Converter Standalone Worker;c:\program files\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [2011-08-19 423536]
R4 VMwareHostd;VMware Workstation Server;c:\program files\VMware\VMware Workstation\vmware-hostd.exe [2011-08-22 11837440]
S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys [2011-06-26 51144]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys [2011-08-08 98928]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2011-10-07 488208]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2011-10-07 39640]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-07-15 154416]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-07-15 33072]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-09-06 54616]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [2011-10-14 1479488]
S2 vstor2-mntapi10-shared;Vstor2 MntApi 1.0 Driver (shared);c:\windows\system32\drivers\vstor2-mntapi10-shared.sys [2011-07-12 22768]
S2 WTService;WTService;c:\windows\system32\atwtusb.exe [2010-06-15 861696]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-08-18 119408]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [2011-10-13 10064]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-07-15 113456]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
Inhoud van de 'Gedeelde Taken' map
.
2011-10-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-20 18:19]
.
2011-10-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-20 18:19]
.
2011-10-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-151463788-573965916-3573126854-1000Core.job
- c:\users\Jeroen\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-10 18:40]
.
2011-10-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-151463788-573965916-3573126854-1000UA.job
- c:\users\Jeroen\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-10 18:40]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
IE: &Verzenden naar OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Jeroen\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Jeroen\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
LSP: %SystemRoot%\system32\vsocklib.dll
TCP: DhcpNameServer = 62.179.104.196 213.46.228.196
TCP: Interfaces\{5B51FAA0-DB8E-498B-B521-F7E3B0F79ED5}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{D156B3F5-4689-4118-ACF4-CD813BD24B56}: NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{E7FDDF49-E753-44F3-A991-FDBD0EF5FE8D}: NameServer = 8.26.56.26,156.154.70.22
FF - ProfilePath - c:\users\Jeroen\AppData\Roaming\Mozilla\Firefox\Profiles\nlw77dd1.default\
FF - prefs.js: browser.startup.homepage - www.google.nl
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-151463788-573965916-3573126854-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:cb,ef,60,d0,3d,d4,9b,98,70,49,1d,5b,80,ee,33,6d,0e,b2,f5,31,5e,2a,5a,
e0,e7,33,be,b0,83,a0,14,6c,9a,cd,f9,7b,d9,be,4e,c2,09,2d,06,7b,e9,48,32,ca,\
"??"=hex:3e,fb,96,fd,13,1d,90,34,40,64,93,e4,41,6b,9e,a3
.
[HKEY_USERS\S-1-5-21-151463788-573965916-3573126854-1000\Software\SecuROM\License information*]
"datasecu"=hex:61,90,13,91,75,c3,82,46,da,51,42,8b,73,05,55,30,bb,d8,a6,47,d2,
ac,95,50,1d,43,67,c3,b7,cb,a7,78,3a,d8,ac,24,fa,f1,29,93,4f,9d,f0,99,12,55,\
"rkeysecu"=hex:21,32,67,fb,51,0a,e3,c2,95,b8,a6,4a,ca,f7,96,b2
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'lsass.exe'(696)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'Explorer.exe'(1816)
c:\windows\system32\guard32.dll
c:\windows\system32\IconCodecService.dll
.
Voltooingstijd: 2011-10-25 18:38:35
ComboFix-quarantined-files.txt 2011-10-25 16:38
ComboFix2.txt 2011-10-24 14:08
.
Pre-Run: 54.183.825.408 bytes beschikbaar
Post-Run: 53.765.058.560 bytes beschikbaar
.
- - End Of File - - E737FF2001EDD51E44E0072B5D9C4B62

Juisterr
25 October 2011, 19:13
Is it going any better in the meantime?

Mrjraider
25 October 2011, 19:50
Yes, in Explorer it is, but the mouse still acts a bit strange: that loading indicator (in my case a circle) keeps disappearing and coming back with flashes, but well, I shouldn't let that bother me...
What was I actually dealing with? Because ComboFix did put things in quarantine.

Juisterr
25 October 2011, 21:55
You say the mouse acts strange; does the pointer shoot off in all directions or something like that?

Mrjraider
25 October 2011, 22:22
No, it's more as if it is always loading something, so to speak. I can see the pointer itself, but that loading indicator flickers a lot.

Juisterr
25 October 2011, 22:42
That may well be the case; which programs were updated recently? I myself received Java and Adobe updates recently, for example.

Mrjraider
26 October 2011, 10:44
Same here, Java and Adobe Flash Player have had an update.

Juisterr
26 October 2011, 19:11
And how are the problems at the moment?

Mrjraider
26 October 2011, 19:17
Everything else is in order, thanks!

Juisterr
26 October 2011, 19:33
Remove ComboFix: copy the command below with (Ctrl + C):
Combofix /Uninstall (note!!! the space before /Uninstall)

Click Start -> Run, paste (Ctrl + V) the command, then press Ctrl + Shift + Enter.
This removes both ComboFix and your old System Restore points (with any remnants of malware), and creates a new System Restore point.
http://www.imgdumper.nl/uploads4/4e4e40e012008/4e4e40e01106d-cfu.jpg

CCleaner
Download CCleaner Slim (http://www.filehippo.com/download_ccleaner/)
Install CCleaner and start it.

Click Cleaner in the left-hand column.
Click Analyze and then Run Cleaner.
Next, click Registry in the left-hand column and click Scan for Issues.
If issues are found, click Fix selected issues and OK.
You will then be asked to make a backup; click YES, and then choose Fix All Selected Issues.
Close CCleaner afterwards.

To avoid reinfection, you could read through these tips:
How do I prevent a new infection? (http://users.telenet.be/marcvn/spyware/1564073.htm)

Mrjraider
26 October 2011, 19:45
Done, thank you!

Mrjraider
30 October 2011, 14:49
This can be locked now, since the problem has been solved :P